Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6266
Views
0
Helpful
8
Replies

IPv6 DNS lookup instead of IPv4

OrkhanRustamli
Level 1
Level 1

‎10-17-2019 02:58 AM

Hey All,

I have 9500 series Switches which is facing the firewall and plays the DNS Proxy role for clients and everything is perfect. What is the problem I want to renew license with CSSM and therefore it needs to contact tools.cisco.com. I have tested and the switch has ip connectivity to internet, ping works. But the problem is when I try to telnet tools.cisco.com 443 I see that it tries to contact IPv6 address. I tested several other domain names and all are the same with IPv6. I have disabled IPv6 unicast-routing globally, but it does not help.

 

telnet tools.cisco.com 443
Trying 2001:420:1201:5::A, 443 ...
% Destination unreachable; gateway or host down

 

Any help is appreciated.

 

 

5 people had this problem
Labels:
0 Helpful
8 Replies 8

MatsR
Level 1
Level 1

‎03-04-2020 02:54 AM

Hi,

 

Did you solve this?

I have this excact same issue on a C1100 router

 

 

BR

Mats

 

0 Helpful

Cristian Matei
VIP Alumni
VIP Alumni
In response to MatsR

‎03-05-2020 06:20 AM

Hi,

 

    First try configuring this: "call-home/http resolve-hostname ipv4-first", clear your DNS cache and see if it works now; if still not, try rebooting; if still not, hardcode the IPv4 address in the call-home URL (instead of the name), get the job done and raise a TAC case.

 

Regards,

Cristian Matei.

0 Helpful

M@rco
Level 1
Level 1

‎06-30-2021 02:08 AM

set "no ipv6 enable" on the DNS-facing interface

0 Helpful

Rich R
VIP
VIP
In response to M@rco

‎02-15-2022 04:39 AM - edited ‎02-15-2022 04:42 AM

That doesn't work!

Did anybody work out the answer to this?

Looks like there's an answer here: https://community.cisco.com/t5/switching/disable-aaaa-dns-lookups-on-non-ipv6-router/td-p/3413517

- Disable ipv6 on all interfaces.

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.190.0, latest 9800 releases, 8.5.182.11 (8.5 mainline) and 8.5.182.108 (8.5 IRCM)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
0 Helpful

Georg Pauwen
VIP
VIP
In response to Rich R

‎02-15-2022 04:45 AM

Hello,

 

not sure if you already posted this in another thread ? I cannot reach the site at all...I wonder if the site is up...

0 Helpful

Rich R
VIP
VIP
In response to Georg Pauwen

‎02-15-2022 04:49 AM

Seems to work for me:

TEST#ping tools.cisco.com
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 72.163.4.38, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 112/113/116 ms

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.190.0, latest 9800 releases, 8.5.182.11 (8.5 mainline) and 8.5.182.108 (8.5 IRCM)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
0 Helpful

Georg Pauwen
VIP
VIP
In response to Rich R

‎02-15-2022 05:09 AM

Hello,

 

ping works, but nothing else. I cannot reach the site on any port...

0 Helpful

Rich R
VIP
VIP
In response to Georg Pauwen

‎02-15-2022 05:22 AM

Works for me - maybe a local ACL/firewall problem.

TEST#telnet tools.cisco.com 443 /ipv4
Trying tools.cisco.com (173.37.145.8, 443)... Open

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.190.0, latest 9800 releases, 8.5.182.11 (8.5 mainline) and 8.5.182.108 (8.5 IRCM)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card